We\u2019re honoured to support a large number of NZ law firms as clients, and it is a responsibility we take very seriously.<\/p>\n
In this case, one of the firms needed a photo of a driver\u2019s license from one of their clients. Understandably, the client simply took a photo and emailed it back. Imagine their surprise when, just two days later, they discover a new \u2018AfterPay\u2019 account set up in their name, created using their driver\u2019s license information. A careful review of the law firm\u2019s logs and security settings determined that the information wasn\u2019t leaked from there, and it is pretty clear it was their client that was compromised.<\/p>\n
That could have been their email, but more likely it was simply that their phone was automatically synchronising their photos to somewhere online – for example, it might be a third party photo library app service.\u00a0 For example, most of us sync our photos to Google, Apple or Microsoft and these are fairly secure, but then we grant third-party access to these for some reason, and that creates a weakness.<\/p>\n
Alternative risk vectors include malware on the phone, or a family sharing account that has been compromised somehow..<\/p>\n
I think many of us have used photos of identity documents for all sorts of things, from Travel Declarations to banking.\u00a0 What we need to do is find a way to ensure our personal devices aren’t letting us down.<\/span><\/p>\n Risks like this exist in every organisation. They won\u2019t be exactly the same, but every organisation still needs to stop and think about how people interact and where the vulnerabilities rest. This particular risk is easily resolved with specialised apps, or even creating a solution within Microsoft 365 and we\u2019ll be reaching out to help every law firm mitigate it. The challenge is there are always risks and we have to work together to eliminate them.<\/p>[\/et_pb_text][\/et_pb_column][\/et_pb_row][\/et_pb_section]\n\n\n","protected":false},"excerpt":{"rendered":" That\u2019s right. AML is not only frustrating to many of us, but it has also created cyber-risks. The irony isn\u2019t lost on us. We\u2019re honoured to support a large number of NZ law firms as clients, and it is a responsibility we take very seriously. Law firms handle such a mix of highly confidential data […]<\/p>\n","protected":false},"author":5,"featured_media":9578,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[4,9,5],"tags":[],"class_list":["post-9577","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","category-legal-firms","category-security"],"_links":{"self":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts\/9577","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=9577"}],"version-history":[{"count":0,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts\/9577\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/"}],"wp:attachment":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=9577"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=9577"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=9577"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}